Russian hackers steal 4.5 billion records

Hold Security, a firm in Milwaukee, has reported that a Russian hacking group has amassed over 4.5 billion stolen records – 1.2 billion of which are unique – belonging to 500 million email addresses.

The Russian hackers initially acquired a set of stolen credentials on the black market, which they used to install malware on computers via email and social media phishing messages. They then used the malware-infected computers as part of botnets to identify SQL injection flaws and other known vulnerabilities on other websites, from which they stole even more data.

Repeating the process on an increasingly grand scale, the cyber criminals essentially carried out a security audit of the entire Internet, harvesting personal data as they went, and eventually ending up with the largest known haul of stolen information, which amounted to about 1.2 billion unique email and password combinations.

Hold Security hasn’t released any details of the companies affected by the hack, but says the hundreds of thousands of sites affected include ‘many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites’. Alex Holden, the founder and CISO of Hold Security, told the New York Times that ‘most of these sites are still vulnerable’.

As ever, IT Governance advises following cyber security best practice and not reusing passwords across multiple sites. Once a hacker has your data, every account you use is vulnerable to attack.